The following relates generally to methods, unit and articles of manufacture therefor, for verifying human presence in an online environment.
There exist a variety of automated tests for telling humans and computers apart in an online environment. Such tests are collectively known as CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) tests. A CAPTCHA test is a program that can generate and grade tests that most humans can pass but that current computer programs cannot. CAPTCHA tests are of necessity heuristic; there is no way to prove that a computer program cannot pass a test that a human can pass. CAPTCHA tests are adapted to exploit gaps between the abilities of humans and computers.
CAPTCHA tests may be used at the start of or during an online application, such as a multi-player game, to verify human presence as opposed to an automated operator (otherwise known as a “bot” or automated player agent). The CAPTCHA test may or may not be directly integrated with the online application. CAPTCHA tests that are not integrated with online applications are referred to herein as out-of-band CAPTCHA tests. Such out-of-band CAPTCHA tests are flexible in that they may be used with a varied number of online applications. CAPTCHA tests that are tightly integrated into an application (such as a game) are less likely (depending on their method) to be disruptive to the user.
A wide range of CAPTCHA testing strategies is possible. In multi-player game applications for example, a single CAPTCHA challenge may be presented when a player joins a game; alternatively, repeated CAPTCHA challenges may be presented to the player at random intervals over the course of a game. The game may on occasion allow a player not to reply or to give an incorrect answer. A player that fails one or several challenges may be suspended from the game, temporarily for a limited period of time, or permanently (in which case all progress made in the game is lost). CAPTCHA tests deter bots most effectively in long stateful games where players have a lot to lose if they fail a test; games played in short, stateless rounds may require more frequent tests.
A drawback with known CAPTCHA tests is that the tests may be delegated by an automated user to a user that is a human to perform the test. For example, with multi-player online games, know CAPTCHA test may be solved by a human, but that human need not be the user playing the game. That is, known CAPTCHA tests are susceptible to relay attacks in which automated player agents direct digital CAPTCHA tests that require human evaluation to a user that is human to solve the test. The cost of setting up a relay attack may be prohibitive to solve a single digital CAPTCHA test (e.g., when opening a new email account), but it becomes negligible if it can be amortized over many tests, as in online games.
Additional background on the use of CAPTCHA tests and their limitations is disclosed in the following publications which are incorporated herein by reference: Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford, “CAPTCHA: Using Hard AI Problems For Security”, Advances in Cryptology—EUROCRYPT'03, Vol. 2656, pp. 294-311, 2003; and Philippe Golle and Nicolas Ducheneaut, “Preventing Bots from Playing Online Games”, in the ACM Computers in Entertainment, Vol. 3, July, 2005, which is incorporated herein by reference.
Accordingly, there continues to be a need for improved CAPTCHA test for distinguishing bots from human players in various online applications. Such improved CAPTCHA tests would advantageously be computationally resistant (i.e., are not readily carried out by a bot without undue expense), not readily outsourced (i.e., not readily carried out by a third-party human), and non-disruptive (i.e., do not deleteriously disrupt a human's interaction with the online application).
In accordance with the various embodiments disclosed herein, there is provided a computer implemented method, apparatus and article of manufacture therefor, for verifying human presence in an online environment using a CAPTCHA (or physical) token. In operation, a challenge is issued from an application server (e.g., first computational unit) to a user computer (e.g., second computational unit) after the user computer communicates a request to access a service provided by the application server. A response is computed at the CAPTCHA token (e.g., third computational unit) using a function that takes as input a synchronization measure and a key shared with the application server. The computed response is computed for satisfying the challenge issued by the application server to the user computer and displayed on a user interface of the CAPTCHA token only if interaction instructions involving a physical challenge output on the user interface are satisfied. Input is received at the user computer representing the response displayed on a user interface of the CAPTCHA token. The input received representing response from the user computer is transmitted to the application server for satisfying the challenge issued by the application server. Access to the service to the user computer is enabled by the application server after the challenge is satisfied. The challenge is satisfied at the application server when the response received from the user computer is authenticated using a function that takes as input the response and the key shared with the CAPTCHA token.
In accordance with one of the various embodiments disclosed herein: the each synchronization measure shared between the application server and the user computer is one of a measure of time output by a clock, a counter, and a nonce output by a computational unit; the key shared between the application server and the user computer is a key for a symmetric cipher; the function is computed at the CAPTCHA token with a symmetric cipher that takes as input a synchronization measure and the symmetric key shared with the application server; and the response received from the user computer is deciphered by the application server using a symmetric cipher that takes as input the ciphertext response and the symmetric key shared with the CAPTCHA token.